Research of information security risk prediction based on grey theory and ANP

摘要

Risk prediction is an important part of the information security system. At present, information security system needs an effective prediction method urgently. In accordance with the information security risk assessment process and combination of assets, threat, vulnerability and safety control measures, to strengthen the correlation among these factors and make the prediction results more objective for the target, the authors put forward a model based on the combination of the grey theory and analytic network process(ANP) with information security risk prediction. First, the model predicted value of each element is obtained by grey theory GM(1,1), and then establish the weight of each risk assessment element through the analytic network process (ANP) by analyzing interdependency and feedback, finally, set up systematic risk fuzzy comprehensive calculation to process data and build accurate mathematical model by combining with the risk assessment level. That is [0,1],to achieve a more accurate risk situation prediction through the quantitative results so of realistic significance for information system security.