Abstract
Expectation of loss is adopted to describe the potential risk of an information system in conventional risk assessment methods which can not reflect the nonlinear property of loss. To solve the problem, this paper proposes a loss utility function and a possibility utility function to describe the loss and possibility of risk respectively, together with the concept of risk utility. With AHP(analytic hierarchy process) and risk utility combined together, this paper manages to conduct a relatively comprehensive risk assessment of the system and demonstrates its effectiveness in an example in practice.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Feng, D.G., Zhang, Y., Zhang, Y.Q.: Survey of Information Security Risk Assessment. Journal of China Institute of Communications 25(7), 10–18 (2004)
Satty, T.L.: The Analytic Hierarchy Process. Mc Graw-Hill, New York (1980)
Tah, J.H.M., Carr, V.: A Proposal for Construction Project Risk Assessment Using Fuzzy Logic. Construction Management and Economics 18(44), 491–500 (2000)
Chen, S.J., Chen, S.M.: Fuzzy Risk Analysis Based on Similarity Measures of Generalized Fuzzy Mumbers. IEEE Transactions on Fuzzy Systems 11(5), 45–55 (2003)
Zhao, D.M., Wang, J.H., Wu, J., et al.: Using Fuzzy Logic and Entropy Theory to Risk Assessment of the Information Security. In: Proceeding of Fourth International Conference on Machine Learning and Cybernetics, Guangzhou, China, pp. 2448–2453 (2005)
Gao, Y., Luo, J.Z.: Information Security Risk Assessment Based on Grey Relational Decision-making Algorithm. Journal of southeast university (Natural science edition) 39(2), 225–229 (2009)
Yao, Z.G., Tan, J.L., Sun, S.G.: Information Security Risk Assessment System Considering Information Content. Computer Engineering and Applications 45(7), 123–126 (2009)
Zhu, J., Gao, H.S., Li, C.C.: Information Security Risk Evaluation Based on D-S Evidence Theory. Journal of North China Electric Power University 35(4), 102–108 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yao, D., Lu, B., Fu, F., Ji, Y. (2010). A Risk Assessment Algorithm Based on Utility Theory. In: Huang, DS., Zhang, X., Reyes GarcÃa, C.A., Zhang, L. (eds) Advanced Intelligent Computing Theories and Applications. With Aspects of Artificial Intelligence. ICIC 2010. Lecture Notes in Computer Science(), vol 6216. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14932-0_71
Download citation
DOI: https://doi.org/10.1007/978-3-642-14932-0_71
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14931-3
Online ISBN: 978-3-642-14932-0
eBook Packages: Computer ScienceComputer Science (R0)