Skip to Main Content
Risk assessment of information security is an important assessment method and decision mechanism in the process of making information security system. The risk evaluation is a process of computing risk value by means of risk assessment, which is from assessment and evaluation of assets, threats, and vulnerabilities to the risk evaluation of information asset. Focused on the uncertainty and complexity of information, we integrate the artificial neural network to apply them in studying risk evaluation. Firstly, since the artificial neural network is suited for the quantity data processing, and poor to the qualitative analyze, and risk is uncertain, the risk factors are quantized by fuzzy evaluation method proposed in this dissertation so that the input of ANN are pre-treated. Secondly, wavelet analysis and the neural network is integrated, we apply them in studying risk evaluation. The shortcomings of the neural network can be overcome, such as a slower study velocity and lower fit accuracy. The simulation results show that risk level of the information system can be evaluated quantitatively by trained neural network, and the shortcomings of current evaluating methods can be overcome, such as more subjectivity and fuzzy conclusion.