论文部分内容阅读
当前已有的信息系统风险评估方法,关注于对组成系统的各个组件的安全性分析,但是缺少对系统安全特性的整体把握。随着复杂网络理论研究的日渐成熟,越来越多的研究者利用复杂网络理论来解决现实系统的结构分析问题。本文将复杂网络理论应用到复杂信息系统的结构性风险分析领域,通过对信息系统网络的连通性和功效性两个方面的分析,实现了对复杂信息系统结构脆弱性分析。本方法通过对信息网络系统特有的网络流量特征研究,弥补了通用复杂网络理论对网络功效性评价的片面性,同时填充了对信息系统结构整体脆弱性分析的空白。
The current information system risk assessment methods focus on the security analysis of the various components that make up the system, but lack of an overall understanding of the security features of the system. As the research of complex network theory matures, more and more researchers use complex network theory to solve the structural analysis of real systems. This paper applies the theory of complex networks to the field of structural risk analysis of complex information systems. By analyzing the connectivity and effectiveness of information systems networks, this paper analyzes the structural vulnerabilities of complex information systems. This method makes up for the one-sidedness of the evaluation of the network efficacy by the general complex network theory and the blank of the analysis of the overall vulnerability of the information system structure by studying the network traffic characteristics peculiar to the information network system.