基于模糊攻防树和熵权法的工控系统脆弱性量化评估方法

Quantitative vulnerability assessment method for industrial control system based on fuzzy attack-defense tree and entropy weight method

为了提高脆弱性量化评估结果的可靠性,提出一种基于模糊攻防树和熵权法的工控系统脆弱性量化评估方法。该方法以攻击防御树为模型,首先将模糊集合理论与专家评价相结合;然后聚合多位专家对同一安全属模糊评价,在模糊聚合过程中利用模糊距离计算专家模糊评价的偏离度以提高模糊聚合的可靠性,并采用熵权法确定叶子节点量化过程中各安全属性的权重;最后计算叶子节点及攻击序列概率。案例分析表明,该方法能有效提高评估结果的可靠性,为工控系统信息安全防护提供重要依据。

In order to improve the reliability of the results of vulnerability quantitative assessment,this paper proposed a vulnerability quantitative assessment method for industrial control system based on fuzzy attack and defense tree and entropy weight method.Firstly,it combined the fuzzy set theory with expert evaluation.Then,it gathered multiple experts’ fuzzy evaluation on the same security attributes.To improve the reliability of fuzzy aggregation,it used fuzzy distance to calculate the deviation degree of expert fuzzy evaluation in the process of fuzzy aggregation to improve the reliability of fuzzy aggregation,and used entropy weight method to determine the weight of each safety attribute in the process of leaf node quantization.Finally,it calculated the leaf nodes and the probability of the attack sequence.The case study shows that this method can effectively improve the reliability of evaluation results,and provides an important basis for information security protection of industrial control system.