An approach to information systems security risk assessment based on fuzzy-combinatorial neural network

A risk assessment method was presented by combining fuzzy theory with artificial neural network to solve the problem of security risk assessment of information systems.The risk factors of information systems were classified into three aspects of the influence on asset,frequency of threat,and levels of survivability.Firstly,a model was established for evaluating the degrees of the information systems security risk,and the membership matrices for judgment set were presented.Then,the combinatorial neural network(NN) and fuzzy reasoning theory(FT) were applied to evaluating the security risk of information systems to obtain the final risk grade.Finally,a calculation example was used to show how the method works,and the error analysis was applied to detecting effectiveness and reliability of the model′ performance.