Network Security Evaluation Mould based on Multifactor Fuzzy

Transcription

1 Network Security Evaluation Mould based on Multifactor Fuzzy Evaluation 1 Tao Wu, 2 Jun Ma, 3 Hang Zhang 1, Network Information Center, Hebei United University, Tangshan, China, happynat@163.com 2, Network Information Center, Hebei United University, Tangshan, China, mj@heuu.edu.cn 3, Network Information Center, Hebei United University, Tangshan, China, zhanghang@heuu.edu.cn Abstract The rapid development of information technology makes the quantitative assessment of network security is increasingly important. In this paper, we combine the network security objects and their attributes, and use the hierarchical analysis method to establish a network security risk assessment index system. It is to quantify the indictors by using the experts on the assessment of the impact factors, combination of qualitative analysis and fuzzy evaluation based on many factors. This paper proposes a network security risk assessment model and gave a quantitative assessment of the methods and steps. Network security risk assessment model helps to find the various factors of threat to network security. Keywords: Multi-Factor Fuzzy Evaluation, Network Security Mould, Risk Evaluation, Hierarchical Analysis Methods 1. Introduction The security risk evaluation is an important part in the network security system [1, 2, 3], as well as a systematic project. The evaluation system will be affected by a variety of factors which is subjective or objective, certain or uncertain, internal or external, etc, especially when network contains customer s most important information assets [4, 5, 6]. These security risks will have a great potential safety hazard to our nation, society, enterprises and individuals [7]. Thus, this essay aims to study the assessment methods on network security risk, provides basis for mastering the risk level of network security and avoiding this risk accurately, timely and quantitatively [8, 9, 10]. The evaluation index system of network security risk is an important part of network security risk evaluation system [11]. It is a guide mark for reflecting the security attribute of the evaluation target. This index system is constructed by the request of evaluation target and content. It is groups of related index which reflect the level of the network respond to risk [12, 13, 14]. It reflects the basic features, quality and level of evaluation target according to the selected evaluation target and some related information material [15, 16]. Theoretical standards of network security risk assessment which is popular in the world are ISO/IEC13335 IT Security Administration Guide, the BS based information security management system based on risk management, AS/NZS4360 risk management standards, etc. [1, 17] According to the above standards and characteristics of network security risk assessment indicators, assessment indicators can be divided into qualitative indicators and quantitative indicators. The network security risk index system consists of three parts which are the network layer index system, risk index system of the transmission network and physical security risk index system [2]. Meanwhile, each index system contains three elements of the assets. In this paper, we combine the network security objects and their attributes, and use the hierarchical analysis method to establish a network security risk assessment index system. It is to quantify the indictors by using the experts on the assessment of the impact factors, combination of qualitative analysis and fuzzy evaluation based on many factors. This paper proposes a network security risk assessment model and gave a quantitative assessment of the methods and steps. Network security risk assessment model helps to find the various factors of threat to network security. 2. Proposed scheme International Journal of Advancements in Computing Technology(IJACT) Volume5, Number5,March 2013 doi: /ijact.vol5.issue

2 2.1. Classification of assets and their level There are a variety of electronic media data, including a variety of data, system documentation, and operation and management procedures; Asset assignment is the valuation of the security value of assets, not only to consider the cost of the asset price, the more important is to consider the safety of the importance of assets for the organization's business [3]. In order to ensure consistency and accuracy of asset valuation, the agencies should establish a balance measure of value (asset evaluation criteria) in order to identify how to give value for assets assignment [4]. The level the assets are shown in Table 1. Table 1. Classification of assets and their level Rating labeling The definition of assets value 4 high The high degree of importance of the assets, after the destruction of its security attributes may cause the system to be more serious impact 3 medium The high degree of importance of the assets, after the destruction of its security attributes may cause the system to be moderate impact 2 low Assets less, after the destruction of its security attributes may cause the system to be a lower level of impact 1 very low The assets are very low, after the destruction of its security attributes may cause the system to be very low extent, and even negligible The security threat is the possibility of factors or events which have potential destruction to institutions and their assets. No matter how secure information systems are, security threats is an objective existence of things, it is one of the important factors of risk assessment. In the process of threat assessment, the first thing is to identify threaten in each key asset of every organization in need of protection. In the threat identification process, it should be determined based on environmental conditions and assets of the assets which previously threatened damage. An asset may be faced with multiple threats, and also a threat may cause different effects on different assets. The threat level is divided into four levels, from 1-4, representing the five levels of threat probability. The greater the rating value is, the greater the likelihood of threats is. The definition of specific possibility of the threat is shown in Table 2. Table 2. Threat level and assignment Rating labeling Definition of possible threat 4 High Threat to the likelihood is higher, in most cases likely to occur or can confirm that it occurred. 3 medium The medium of the possibility of threats, in certain circumstances may occur but has not been proven to occur. 2 low Threat to the likelihood is smaller, generally less likely to happen, it has not been shown to occur. 1 Very low Threat is almost impossible to occur except in very rare and exceptional circumstances Vulnerability identification Vulnerability assessment is also known as vulnerability assessment, an important content in security risk assessment. There is the weakness of the asset itself; it can be threatened to use, causing damage of the assets or business goals. The weaknesses include the vulnerability of the physical environment, organization, process, personnel, management, configuration, hardware, software and information, etc. Vulnerability assessment will aim at information assets which needed to protect, to identify every threat can take advantage of the vulnerability and the severity of the vulnerability assessment, to assess the possibility of vulnerability threats to use finally assign it the value of the relative grade. Level of vulnerability is divided into four levels, which representing the five levels of vulnerability of certain assets from 1-4. The greater the level is, the higher the degree of vulnerability. Specific for each level of vulnerability of vulnerability defined in Table

3 Table 3. Vulnerability level and assignment Rating labeling Definition of the severity of the vulnerability 4 high There is one or more fragile or loopholes in management, the threat of use of the likelihood of success is higher. 3 medium There are one or more fragile medium technology or regulatory loopholes, and threatened the use of the likelihood of success 2 low Lower the possibility of existence of one or more technical or regulatory loopholes, the lower the degree of vulnerability was threatened use of successful. 1 very low The possibility of the existence of one or more low vulnerability degree of technical or regulatory loopholes, was threatened use of success is very low, almost impossible to be successful Layered index assessment process The process of risk assessment includes four stages which are risk assessment preparation, the identification of risk factors, the degree of risk analysis and risk rating assessment [5]. The value of the overall risk assessment is gained by hierarchs using quantitative method. Different values correspond to different levels, and comprehensive analysis is conducted. The risk calculation models and algorithms are as follows: 1) To identify the information assets and give the value to the information assets; 2) To identify the threat and give the value to the threat of the frequency assignment; 3) To identify the vulnerability of information assets, and give value to the severity of the vulnerability of the assignment; 4) To work out the possibility of security incidents based on the identification results of threats and vulnerabilities; 5) To calculate the value of each risk in the index system according to the likelihood of security incidents and the effects of security incidents. 6) To analyze comprehensively and get the value of the overall risk assessment using the methods of quantitative and qualitative according to the risk value of each indicators in the index system. The risk is calculated as follows: R f A,V,T f Ia,L Va,T, (1) where R stands risks; A indicates assets; V represents vulnerability; T represents the threat; Ia refers to impact of organizational business caused by the assets of security (also known as the importance of the assets); Va refers to the vulnerability of an asset,l stands for the threat of use of assets caused by the vulnerability of the likelihood of security incidents. The risk calculation model shown in Figure 1: Figure 1. Risk Calculation Model 2.4. Multiple factors comprehensive evaluation algorithm Fuzzy comprehensive evaluation method is a comprehensive evaluation method based on fuzzy mathematics. The comprehensive evaluation method based on fuzzy mathematics membership theory qualitative evaluation into quantitative evaluation using fuzzy math to make an overall evaluation of things or objects restricted by many factors. It can resolve clear, systematic and strong features, and the problem which is fuzzy, difficult to quantify can be solved; it is suitable for a variety of nondeterministic problems. 258

4 In order to facilitate description, according to the basic concepts of fuzzy math, fuzzy comprehensive evaluation method and related terms are defined as follows : Evaluate the factors (X): treatment of the specific factors set of evaluation questions (such as a variety of indicators, parameters, specifications, performance, condition, etc.). In order to facilitate weight distribution and comment, the properties of the evaluation factors, evaluation factors into certain categories (for example, the network layer, transport layer, physical layer), and each category as a single evaluation factors, called the first an evaluation of factors (X1). The first level of evaluation factors can be set under the second level of evaluation factors (for example, the first level of evaluation factors network layer may have under the second stage of evaluation factors: the topological situation in routing and Qos). The second level of evaluation factors can also set up under the third level of evaluation factors, and so forth. Evaluate the factor value (x): it refers to the specific value of the evaluation factors. Evaluation of the value (Y): it refers to the level of the pros and cons of the evaluation factors. Evaluation factors for the evaluation of the optimal value 1 (percentile of 100 points) ; less optimal evaluation factors, according to the extent due to the excellent, the evaluation value is greater than or equal to zero and less than or equal to 1 (percentile of 100 points,), which is 0 Y 1 (using the percentage system, 0 Y 100). The average assessment value (Yp): it refers to the average of the evaluation of certain evaluation factors through qualitative analysis or quantitative analysis. Average rating value (Yp) = number of evaluation value/evaluation source. Weight (W): it is the status and importance to the evaluation factors. The total weight of the first level of evaluation factors is 1; the total of an evaluation of the weight of the factors in each evaluation factors is a. Weighted average value (Ypw): it refers to the weighted average evaluation value. Weighted average evaluation value (Ypw) = average evaluation value (Yp) the weight (W). The comprehensive evaluation value (Ez): it refers to the evaluation factors with a weighted average value (Epw). Comprehensive evaluation value corresponds to an evaluation of the value of the factors. Algorithm is as follows: 1) Determine the evaluation factors set: the risk of network layer X 1, Transport Layer risk X 2, physical risks X 3, set for the evaluation of network security level of risk factors. X ( X1, X 2, X 3) (2) Determination of the set of sub-factors in the factors sets. Based on a realistic assessment of the needs, you can customize the different number of sub-factors set, the sub-factors set in factor sets of are as follows: X1 ( X11, X12,..., X 1m) (3) X 2 ( X 21, X 22,..., X 2n) (4) X 3 ( X 31, X 32,..., X 3 p) (5) Such as: where, X 11 topological robustness indicators, the X 12 data confidentiality indicators, X 13 for business failure frequency, and so on. 2) Determine the judge set Y. OK Y = {lowest-risk (y 1 ), low risk (y 2 ), moderate risk (y 3 ), high-risk (y 4 )} judged set. 3) Comprehensive evaluation to the factors set. By experienced technical and managerial personnel to form a judgment group, individual evaluation of each evaluation sub-factors, respectively, and combined with quantitative evaluation to calculate the individual level of risk, based on a percentage of the degree of risk identification, evaluation matrix. Assessed in terms of a network layer index X 1i, identified as lowest risk and low risk, medium risk and high risk of the judges of the respective percentages of P i1, P i2, P i3, P i4, then this the evaluation of the index matrix: R1i ( Pi1, Pi2, Pi3, Pi4) (6) And the like, the network layer evaluation matrix as: 259

5 P11 P12 P13 P14 P21 P22 P23 P 24 R Pm 1 Pm2 Pm3 Pm4 where m is the number of the sub-factors in the network layer s factor set; For qualitative analysis, experts on the evaluation factors established the evaluation matrix. In topological robustness indicators as an example, if 20% of the evaluation staff that" the lowest risk", 40% of the staff that" low risk", 30% of the staff that" moderate risk", 10% of the staff that" high risk", then: R (8) Similarly to obtain R2 (evaluation matrix of the transport layer) and R3 (evaluation matrix of the physical Layer), we have: R2 (0.4, 0.3, 0.2, 0.1) (9) R3 (0.3,0.3,0.3,0.1) (10) 4) To determine the X i of each sub-factor weights (a i ), a = {a 1, a 2, a 3 } of the factors X i an evaluation. Held ai the right to re-evaluation of X i, that is, fuzzy transformation from X i to Y: bi ai Ri (11) According to above analysis, to identify the factors weight: a 1 = (0.5), a 2 = (0.3), a 3 = (0.2); b1a11 R1(0.5, 0.5) (0.3, 0.5, 0.3, 0.1) (12) 5) Second stage comprehensive evaluation. Each X as an element to do it using bi-factor evaluation matrix: R { rij},0 rij 1 (13) For example: R (14) Total evaluation matrix. Y X R { y1, y2,..., ym} (15) Where the components: m Yi ( xk rkj),(m 4,k 1,2,3,4) (16) k 1 6) normalized processing: m In order to ensure treatment yi 1, need to be normalized, the normalization method to: 1 yi Y ' i,(i 1,2,3,4) n yi 1 After normalization processing results: Y ' 0.25,0.42,0.25,0.08 (18) According to the principle of maximum membership, may ultimately determine the degree of risk of network security. In general, linguistic variable fuzzy subsets can take corresponding membership function resolution changes, in the actual application, the measured data often contain noise, so membership function selection should also consider the effects of noise, which generally can be used the probability density function of the noise to give qualitative description. If the membership function is improper, the membership of people who lose weight may ultimately decide mainly by the noise, of course, this is not allowed. It is discovered through Experience that to (7) (17) 260

6 fully reduce the noise effect on degree of membership, membership function selection should also meet the following inequality: f 5 n (19) Type of f membership degree is equal to 0.5 width of membership function; n is for the probability density function of the variance. When membership function is to quantify the level of form, quantization level for general is Fuzzy analysis method to error and change the input control changes in the output of the fuzzy rules can generally be used directly in Mamdani rule table, but this is not necessarily the best, and often need to be adjusted according to different characteristics of the object of the accused control rules. 3. Experimental results 3.1. Unit risk assessment Individual risk assessment and multi-factor fuzzy evaluation method is as a network security risk evaluation method. When the occurrence of a risk involving index system, the individual risk assessment methods; when a number of risks occur simultaneously, the first individual risk assessment, and risk assessed in accordance with the assessment standards, determine the level of risk then evaluate use the methods of the multi-factor assessment. Figure 2. Various threats brought risk sum Analyze the risk value for each indicator calculation model through the following quantitative and qualitative: The risks posed by the threat of i is equals to asset class factor multiply the damage to the coefficient multiply risk probability caused by threat i; among them, the damage coefficient is the percentage for the corresponding damage. A single index value at risk Rj = the threaten of Σ caused by i the Wi. Wi refers to the weights of the threat = threat level. Various threats brought risk sum is shown in Figure 2. The weight vector can be calculated, by using analytic hierarchy process in quantitative analysis. First, to calculate the initial factors weights, then to calculate each layer the asset, threat, vulnerability factors such as weight, analytic hierarchy process calculation which can be used as follows: 1) Tectonic factor judgment matrix B = {bj}; 2) B is for the largest eigenvalue and the corresponding characteristic; 3) Consistency inspection, if successful, then the feature vector is the weight vector, or the need to modify the matrix B; Determine the weight vector of the calculation process by using the analytic hierarchy process, which can be illustrated in tables 4 to

7 Table 4. The first layer of factor weights table Type X1 X2 X3 Weight X1 1 1/5 1/ X X The largest eigenvalue=3.039, CI=0.019, RI=0.580; CR=0.033<0.1, Consistency test successful It is assumed that the network layer has 10 sub factors, then the network layer subsystem factors weights table as shown in table 5. Integrated network layer, transport layer and physical layer and each layer of each sub factor weight calculation, see table 6. Table 5. Network layer subsystem factors calculated weight table Type x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 Weight x1 1 1/3 1/3 1/2 1/2 1/5 1/5 1/5 1/3 1/ x /2 2 1/3 1/5 1/4 1/3 1/ x /3 1/2 1/4 1/3 1/ x /3 1/3 1/4 1/3 1/ x5 1 1/3 1/7 1/3 1/5 1/ x6 1 1/4 1/3 1/2 1/ x / x / x9 1 1/ x The largest eigenvalue=11.129, CI=0.125, RI=1.490; CR=0.084<0.1, Consistency test successful Table 6. Each layer of factors weight table Network Layer A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 Weight of network Transport Layer B1 B2 B3 B4 B5 B6 B7 B8 B9 B10 Weight of Transport Physical Layer C1 C2 C3 C4 C5 C6 C7 C8 C9 C10 Weight of physical Conclusion Network security risk assessment is a complex system; the degree of risk is affected by many factors, so it s very complex to evaluate the network security level of risk. This paper established evaluation index system and evaluation method according to the network security risks involving several key aspects to determine the qualitative analysis includes the influence of human factors. Therefore, the index system and evaluation method in this study has some limitations on the extent of the network security risks. In addition, the risk evaluation of the different types of network and aspects are different. A risk assessment for different types of networks, in-depth analysis of the risk of the network reasons, establishes the evaluation index system according to the sources of risk. Fuzzy comprehensive evaluation method is suitable for multi-factor fuzzy relations to a comprehensive evaluation of the scientific method; it is also suitable for the evaluation of network security level of risk. In this study, network security risk assessment is only a preliminary study, and many aspects need to be further study. 5. References [1] Cui Xining, Cheng Yameng, "A Security Evaluation Method for MILS System Within The CC Framework", IJACT: International Journal of Advancements in Computing Technology, Vol. 4, No. 11, pp. 54 ~ 65,

8 [2] Chao Yang, Yiwen Liang, Lin Lu,,Hongbin Dong,,Daihua Yang, "Research of Danger Theory Based on Balancing Mechanism", IJACT: International Journal of Advancements in Computing Technology, Vol. 4, No. 2, pp. 1 ~ 6, 2012 [3] Yavatkar R, D. Pendarakis, R. Guerin, A Framework for Policy-based Admission Control, RFC 2753, [4] Qiang Zhao, Research of university network security, Science & Technology Information Shandong Economics Collage, vol. 3, pp , [5] J. Lee, D. Kim, S. Lee, J. Park, DDoS attacks detection using GA based optimized traffic matrix, in Innovative Mobile and Internet Services in Ubiquitous Computing, the 5th Int. Conf, pp , [6] Ming Yu, "A Nonparametric Adaptive Cusum Method And Its Application In Network Anomaly Detection", IJACT: International Journal of Advancements in Computing Technology, Vol. 4, No. 1, pp. 280 ~ 288, 2012 [7] Dong Yan, Deng Guping, Value the network security of small and medium-sized enterprise, in Digital Communication World, vol. 3, [8] National computer network emergency response technical team/coordination center of china, 2009 Internet Security Survey Report in china. http: // March [9] G. Joya, Francisco Garcı a Lagos, Sandoval, Contingency evaluation and miniaturization using artificial neural network, Neural Comput Appl, vol.19 pp , [10] I. Genc, R. Diao, V. Vittal, S. Mandal, Decision tree-based preventive and corrective control applications for dynamic security enhancement in power systems, IEEE Trans. Power Syst., vol. 25 (3), pp , 2010 [11] Arunraj J. Maiti, Risk-based maintenance policy selection using AHP and goal programming, in Safety Science, vol. 48, pp , [12] A. A. Abou El Ela, M.A. Abido, S. R. Speaa, Differential evolution algorithm for emission constrained economic power dispatch problem Electr, Power Syst. Res, vol. 80, no. 10, pp , [13] J. Casasnovas, J.V. Riera, Extension of discrete t-norms and t-conorms to discrete fuzzy numbers, Fuzzy Sets Syst, vol. 167, no. 1, pp , [14] G. Feng, A survey on analysis and design of model-based fuzzy control systems, IEEE Transactions on Fuzzy Systems, vol. 14, no. 5, pp , 2006 [15] F. Lin, H. Ying, State-feedback control of fuzzy discrete-event systems, IEEE Transactions on Systems, Man, and Cybernetics Part B: Cybernetics, vol. 40, pp , [16] T. Allahviranloo, N. A. Kiani, N. Motamedi, Solving fuzzy differential equations by differential transformation method, Information Science, vol.179, pp , [17] J. Xu, Z. Liao, J.J.Nieto, A class of linear differential dynamical systems with fuzzy matrices, J Math Anal Appl, vol. 36, no. 8, pp ,