Visible to the public Biblio

Filters: Keyword is analytic hierarchy process  [Clear All Filters]
2021-02-03
He, S., Lei, D., Shuang, W., Liu, C., Gu, Z..  2020.  Network Security Analysis of Industrial Control System Based on Attack-Defense Tree. 2020 IEEE International Conference on Artificial Intelligence and Information Systems (ICAIIS). :651—655.
In order to cope with the network attack of industrial control system, this paper proposes a quantifiable attack-defense tree model. In order to reduce the influence of subjective factors on weight calculation and the probability of attack events, the Fuzzy Analytic Hierarchy Process and the Attack-Defense Tree model are combined. First, the model provides a variety of security attributes for attack and defense leaf nodes. Secondly, combining the characteristics of leaf nodes, a fuzzy consistency matrix is constructed to calculate the security attribute weight of leaf nodes, and the probability of attack and defense leaf nodes. Then, the influence of defense node on attack behavior is analyzed. Finally, the network risk assessment of typical airport oil supply automatic control system has been undertaken as a case study using this attack-defense tree model. The result shows that this model can truly reflect the impact of defense measures on the attack behavior, and provide a reference for the network security scheme.
2021-01-18
Qiu, J., Lu, X., Lin, J..  2019.  Optimal Selection of Cryptographic Algorithms in Blockchain Based on Fuzzy Analytic Hierarchy Process. 2019 IEEE 4th International Conference on Computer and Communication Systems (ICCCS). :208–212.
As a collection of innovative technologies, blockchain has solved the problem of reliable transmission and exchange of information on untrusted networks. The underlying implementation is the basis for the reliability of blockchain, which consists of various cryptographic algorithms for the use of identity authentication and privacy protection of distributed ledgers. The cryptographic algorithm plays a vital role in the blockchain, which guarantees the confidentiality, integrity, verifiability and non-repudiation of the blockchain. In order to get the most suitable cryptographic algorithm for the blockchain system, this paper proposed a method using Fuzzy Analytic Hierarchy Process (FAHP) to evaluate and score the comprehensive performance of the three types of cryptographic algorithms applied in the blockchain, including symmetric cryptographic algorithms, asymmetric cryptographic algorithms and hash algorithms. This paper weighs the performance differences of cryptographic algorithms considering the aspects of security, operational efficiency, language and hardware support and resource consumption. Finally, three cryptographic algorithms are selected that are considered to be the most suitable ones for block-chain systems, namely ECDSA, sha256 and AES. This result is also consistent with the most commonly used cryptographic algorithms in the current blockchain development direction. Therefore, the reliability and practicability of the algorithm evaluation pro-posed in this paper has been proved.
2020-11-23
Wu, K., Gao, X., Liu, Y..  2018.  Web server security evaluation method based on multi-source data. 2018 International Conference on Cloud Computing, Big Data and Blockchain (ICCBB). :1–6.
Traditional web security assessments are evaluated using a single data source, and the results of the calculations from different data sources are different. Based on multi-source data, this paper uses Analytic Hierarchy Process to construct an evaluation model, calculates the weight of each level of indicators in the web security evaluation model, analyzes and processes the data, calculates the host security threat assessment values at various levels, and visualizes the evaluation results through ECharts+WebGL technology.
2020-10-05
Ahmed, Abdelmuttlib Ibrahim Abdalla, Khan, Suleman, Gani, Abdullah, Hamid, Siti Hafizah Ab, Guizani, Mohsen.  2018.  Entropy-based Fuzzy AHP Model for Trustworthy Service Provider Selection in Internet of Things. 2018 IEEE 43rd Conference on Local Computer Networks (LCN). :606—613.

Nowadays, trust and reputation models are used to build a wide range of trust-based security mechanisms and trust-based service management applications on the Internet of Things (IoT). Considering trust as a single unit can result in missing important and significant factors. We split trust into its building-blocks, then we sort and assign weight to these building-blocks (trust metrics) on the basis of its priorities for the transaction context of a particular goal. To perform these processes, we consider trust as a multi-criteria decision-making problem, where a set of trust worthiness metrics represent the decision criteria. We introduce Entropy-based fuzzy analytic hierarchy process (EFAHP) as a trust model for selecting a trustworthy service provider, since the sense of decision making regarding multi-metrics trust is structural. EFAHP gives 1) fuzziness, which fits the vagueness, uncertainty, and subjectivity of trust attributes; 2) AHP, which is a systematic way for making decisions in complex multi-criteria decision making; and 3) entropy concept, which is utilized to calculate the aggregate weights for each service provider. We present a numerical illustration in trust-based Service Oriented Architecture in the IoT (SOA-IoT) to demonstrate the service provider selection using the EFAHP Model in assessing and aggregating the trust scores.

2020-09-21
Xin, Yang, Qian, Zhenwei, Jiang, Rong, Song, Yang.  2019.  Trust Evaluation Strategy Based on Grey System Theory for Medical Big Data. 2019 IEEE International Conference on Computer Science and Educational Informatization (CSEI). :157–160.
The performance of the trust evaluation strategy depends on the accuracy and rationality of the trust evaluation weight system. Trust is a difficult to accurate measurement and quantitative cognition in the heart, the trust of the traditional evaluation method has a strong subjectivity and fuzziness and uncertainty. This paper uses the AHP method to determine the trust evaluation index weight, and combined with grey system theory to build trust gray evaluation model. The use of gray assessment based on the whitening weight function in the evaluation process reduces the impact of the problem that the evaluation result of the trust evaluation is not easy to accurately quantify when the decision fuzzy and the operating mechanism are uncertain.
2020-08-28
Jia, Ziyi, Wu, Chensi, Zhang, Yuqing.  2019.  Research on the Destructive Capability Metrics of Common Network Attacks. 2019 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computing, Scalable Computing Communications, Cloud Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). :1419—1424.

An improved algorithm of the Analytic Hierarchy Process (AHP) is proposed in this paper, which is realized by constructing an improved judgment matrix. Specifically, rough set theory is used in the algorithm to calculate the weight of the network metric data, and then the improved AHP algorithm nine-point systemic is structured, finally, an improved AHP judgment matrix is constructed. By performing an AHP operation on the improved judgment matrix, the weight of the improved network metric data can be obtained. If only the rough set theory is applied to process the network index data, the objective factors would dominate the whole process. If the improved algorithm of AHP is used to integrate the expert score into the process of measurement, then the combination of subjective factors and objective factors can be realized. Based on the aforementioned theory, a new network attack metrics system is proposed in this paper, which uses a metric structure based on "attack type-attack attribute-attack atomic operation-attack metrics", in which the metric process of attack attribute adopts AHP. The metrics of the system are comprehensive, given their judgment of frequent attacks is universal. The experiment was verified by an experiment of a common attack Smurf. The experimental results show the effectiveness and applicability of the proposed measurement system.

2020-07-20
Haque, Md Ariful, Shetty, Sachin, Krishnappa, Bheshaj.  2019.  Modeling Cyber Resilience for Energy Delivery Systems Using Critical System Functionality. 2019 Resilience Week (RWS). 1:33–41.

In this paper, we analyze the cyber resilience for the energy delivery systems (EDS) using critical system functionality (CSF). Some research works focus on identification of critical cyber components and services to address the resiliency for the EDS. Analysis based on the devices and services excluding the system behavior during an adverse event would provide partial analysis of cyber resilience. To address the gap, in this work, we utilize the vulnerability graph representation of EDS to compute the system functionality under adverse condition. We use network criticality metric to determine CSF. We estimate the criticality metric using graph Laplacian matrix and network performance after removing links (i.e., disabling control functions, or services). We model the resilience of the EDS using CSF, and system recovery curve. We also provide a comprehensive analysis of cyber resilience by determining the critical devices using TOPSIS (Technique for Order Preference by Similarity to Ideal Solution) and AHP (Analytical Hierarchy Process) methods. We present use cases of EDS illustrating the way control functions and services in EDS map to the vulnerability graph model. The simulation results show that we can estimate the resilience metric using different types of graphs that may assist in making an informed decision about EDS resilience.

2020-05-08
Su, Chunmei, Li, Yonggang, Mao, Wen, Hu, Shangcheng.  2018.  Information Network Risk Assessment Based on AHP and Neural Network. 2018 10th International Conference on Communication Software and Networks (ICCSN). :227—231.
This paper analyzes information network security risk assessment methods and models. Firstly an improved AHP method is proposed to assign the value of assets for solving the problem of risk judgment matrix consistency effectively. And then the neural network technology is proposed to construct the neural network model corresponding to the risk judgment matrix for evaluating the individual risk of assets objectively, the methods for calculating the asset risk value and system risk value are given. Finally some application results are given. Practice proves that the methods are correct and effective, which has been used in information network security risk assessment application and offers a good foundation for the implementation of the automatic assessment.
2020-04-06
Li, Jiabin, Xue, Zhi.  2019.  Distributed Threat Intelligence Sharing System: A New Sight of P2P Botnet Detection. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1–6.

Botnet has been evolving over time since its birth. Nowadays, P2P (Peer-to-Peer) botnet has become a main threat to cyberspace security, owing to its strong concealment and easy expansibility. In order to effectively detect P2P botnet, researchers often focus on the analysis of network traffic. For the sake of enriching P2P botnet detection methods, the author puts forward a new sight of applying distributed threat intelligence sharing system to P2P botnet detection. This system aims to fight against distributed botnet by using distributed methods itself, and then to detect botnet in real time. To fulfill the goal of botnet detection, there are 3 important parts: the threat intelligence sharing and evaluating system, the BAV quantitative TI model, and the AHP and HMM based analysis algorithm. Theoretically, this method should work on different types of distributed cyber threat besides P2P botnet.

2020-03-09
Wang, Xin, Wang, Liming, Miao, Fabiao, Yang, Jing.  2019.  SVMDF: A Secure Virtual Machine Deployment Framework to Mitigate Co-Resident Threat in Cloud. 2019 IEEE Symposium on Computers and Communications (ISCC). :1–7.

Recent studies have shown that co-resident attacks have aroused great security threat in cloud. Since hardware is shared among different tenants, malicious tenants can launch various co-resident attacks, such as side channel attacks, covert channel attacks and resource interference attacks. Existing countermeasures have their limitations and can not provide comprehensive defense against co-resident attacks. This paper combines the advantages of various countermeasures and proposes a complete co-resident threat defense solution which consists of co-resident-resistant VM allocation (CRRVA), analytic hierarchy process-based threat score mechanism (AHPTSM) and attack-aware VM reallocation (AAVR). CRRVA securely allocates VMs and also takes load balance and power consumption into consideration to make the allocation policy more practical. According to the intrinsic characteristics of co-resident attacks, AHPTSM evaluates VM's threat score which denotes the probability that a VM is suffering or conducting co-resident attacks based on analytic hierarchy process. And AAVR further migrates VMs with extremely high threat scores and separates VM pairs which are likely to be malicious to each other. Extensive experiments in CloudSim have shown that CRRVA can greatly reduce the allocation co-resident threat as well as balancing the load for both CSPs and tenants with little impact on power consumption. In addition, guided by threat score distribution, AAVR can effectively guarantee runtime co-resident security by migrating high threat score VMs with less migration cost.

2020-02-26
Diahovchenko, Illia, Kandaperumal, Gowtham, Srivastava, Anurag.  2019.  Distribution Power System Resiliency Improvement Using Distributed Generation and Automated Switching. 2019 IEEE 6th International Conference on Energy Smart Systems (ESS). :126–131.

The contemporary power distribution system is facing an increase in extreme weather events, cybersecurity threats and even physical threats such as terrorism. Therefore there is a growing interest towards resiliency estimation and improvement. In this paper the resiliency enhancement strategy by means of Distributed Energy Resources and Automated Switches is presented. Resiliency scores are calculated using Analytical Hierarchy Process. The developed algorithm was validated on the modified IEEE 123 node system. It provides the most resiliency feasible network that satisfies the primary goal of serving the critical loads.

2020-02-17
Prajanti, Anisa Dewi, Ramli, Kalamullah.  2019.  A Proposed Framework for Ranking Critical Information Assets in Information Security Risk Assessment Using the OCTAVE Allegro Method with Decision Support System Methods. 2019 34th International Technical Conference on Circuits/Systems, Computers and Communications (ITC-CSCC). :1–4.
The security of an organization lies not only in physical buildings, but also in its information assets. Safeguarding information assets requires further study to establish optimal security mitigation steps. In determining the appropriate mitigation of information assets, both an information security risk assessment and a clear and measurable rating are required. Most risk management methods do not provide the right focus on ranking the critical information assets of an organization. This paper proposes a framework approach for ranking critical information assets. The proposed framework uses the OCTAVE Allegro method, which focuses on profiling information assets by combining ranking priority measurements using decision support system methods, such as Simple Additive Weighting (SAW) and Analytic Hierarchy Process (AHP). The combined OCTAVE Allegro-SAW and OCTAVE Allegro-AHP methods are expected to better address risk priority as an input to making mitigation decisions for critical information assets. These combinations will help management to avoid missteps in adjusting budget needs allocation or time duration by selecting asset information mitigation using the ranking results of the framework.
2019-06-17
Martinelli, Fabio, Michailidou, Christina, Mori, Paolo, Saracino, Andrea.  2018.  Too Long, Did Not Enforce: A Qualitative Hierarchical Risk-Aware Data Usage Control Model for Complex Policies in Distributed Environments. Proceedings of the 4th ACM Workshop on Cyber-Physical System Security. :27–37.

Distributed environments such as Internet of Things, have an increasing need of introducing access and usage control mechanisms, to manage the rights to perform specific operations and regulate the access to the plethora of information daily generated by these devices. Defining policies which are specific to these distributed environments could be a challenging and tedious task, mainly due to the large set of attributes that should be considered, hence the upcoming of unforeseen conflicts or unconsidered conditions. In this paper we propose a qualitative risk-based usage control model, aimed at enabling a framework where is possible to define and enforce policies at different levels of granularity. In particular, the proposed framework exploits the Analytic Hierarchy Process (AHP) to coalesce the risk value assigned to different attributes in relation to a specific operation, in a single risk value, to be used as unique attribute of usage control policies. Two sets of experiments that show the benefits both in policy definition and in performance, validate the proposed model, demonstrating the equivalence of enforcement among standard policies and the derived single-attributed policies.

2019-02-25
Setyono, R. Puji, Sarno, R..  2018.  Vendor Track Record Selection Using Best Worst Method. 2018 International Seminar on Application for Technology of Information and Communication. :41–48.
Every company will largely depend on other companies. This will help unite a large business process. Risks that arise from other companies will affect the business performance of a company. Because of this, the right choice for suppliers is crucial. Each vendor has different characteristics. Everything is not always suitable basically the selection process is quite complex and risky. This has led to a new case study which has been studied for years by researchers known as Supplier Selection Problems. Selection of vendors with multi-criteria decision making has been widely studied over years ago. The Best Worst Method is a new science in Multi-Criteria Decision Making (MCDM) determination. In this research, taking case study at XYZ company is in Indonesia which is engaged in mining and industry. The research utilized the transaction data that have been recorded by the XYZ company and analyzed vendor valuation. The weighting of Best Worst Method is calculated based on vendor assessment result. The results show that XYZ company still focuses on Price as its key criteria.
2019-01-21
Fei, Y., Ning, J., Jiang, W..  2018.  A quantifiable Attack-Defense Trees model for APT attack. 2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :2303–2306.
In order to deal with APT(Advanced Persistent Threat) attacks, this paper proposes a quantifiable Attack-Defense Tree model. First, the model gives both attack and defense leaf node a variety of security attributes. And then quantifies the nodes through the analytic hierarchy process. Finally, it analyzes the impact of the defense measures on the attack behavior. Through the application of the model, we can see that the quantifiable Attack-Defense Tree model can well describe the impact of defense measures on attack behavior.
2018-12-03
Khayyam, Y. E., Herrou, B..  2017.  Risk assessment of the supply chain: Approach based on analytic hierarchy process and group decision-making. 2017 International Colloquium on Logistics and Supply Chain Management (LOGISTIQUA). :135–141.

Faced with a turbulent economic, political and social environment, Companies need to build effective risk management systems in their supply chains. Risk management can only be effective when the risks identification and analysis are enough accurate. In this perspective, this paper proposes a risk assessment approach based on the analytic hierarchy process and group decision making. In this study, a new method is introduced that will reduce the impact of incoherent judgments on group decision-making, It is, the “reduced weight function” that decreases the weight associated to a member of the expert panel based on the consistency of its judgments.

2017-03-08
Wang, R. T., Chen, C. T..  2015.  Framework Building and Application of the Performance Evaluation in Marine Logistics Information Platform in Taiwan. 2015 2nd International Conference on Information Science and Control Engineering. :245–249.

This paper has conducted a trial in establishing a systematic instrument for evaluating the performance of the marine information systems. Analytic Network Process (ANP) was introduced for determining the relative importance of a set of interdependent criteria concerned by the stakeholders (shipper/consignee, customer broker, forwarder, and container yard). Three major information platforms (MTNet, TradeVan, and Nice Shipping) in Taiwan were evaluated according to the criteria derived from ANP. Results show that the performance of marine information system can be divided into three constructs, namely: Safety and Technology (3 items), Service (3 items), and Charge (3 items). The Safety and Technology is the most important construct of marine information system evaluation, whereas Charger is the least important construct. This study give insights to improve the performance of the existing marine information systems and serve as the useful reference for the future freight information platform.

Xu, Kun, Bao, Xinzhong, Tao, Qiuyan.  2015.  Research on income distribution model of supply chain financing based on third-party trading platform. 2015 International Conference on Logistics, Informatics and Service Sciences (LISS). :1–6.

The stability and effectiveness of supply chain financing union are directly affected by income fluctuation and unequal distribution problems, subsequently making the economic interests of the involved parties impacted. In this paper, the incomes of the parties in the union were distributed using Shapley value from the perspective of cooperative game under the background of the supply chain financing based on third-party trading platform, and then correction factors were weighted by introducing risk correction factors and combining with analytic hierarchy process (AHP), in order to improve the original model. Finally, the feasibility of the scheme was proved using example.

Li, Sihuan, Hu, Lihui.  2015.  Risk assessment of agricultural supply chain based on AHP- FCS in Eastern Area of Hunan Province. 2015 International Conference on Logistics, Informatics and Service Sciences (LISS). :1–6.

In recent years, The vulnerability of agricultural products chain is been exposed because of the endlessly insecure events appeared in every areas and every degrees from the natural disasters on the each node operation of agricultural products supply chain in recently years. As an very important place of HUNAN Province because of its abundant agricultural products, the Eastern Area's security in agricultural products supply chain was related to the safety and stability of economic development in the entire region. In order to make the more objective, scientific, practical of risk management in the empirical analysis, This item is based on the AHP-FCS method to deal with the qualitative to quantitative analysis about risk management of agricultural product supply chain, to identify and evaluate the probability and severity of all the risk possibility.

2017-02-27
Zheng, Y., Zheng, S..  2015.  Cyber Security Risk Assessment for Industrial Automation Platform. 2015 International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP). :341–344.

Due to the fact that the cyber security risks exist in industrial control system, risk assessment on Industrial Automation Platform (IAP) is discussed in this paper. The cyber security assessment model for IAP is built based on relevant standards at abroad. Fuzzy analytic hierarchy process and fuzzy comprehensive evaluation method based on entropy theory are utilized to evaluate the communication links' risk of IAP software. As a result, the risk weight of communication links which have impacts on platform and the risk level of this platform are given for further study on protective strategy. The assessment result shows that the methods used can evaluate this platform efficiently and practically.

M, Supriya, Sangeeta, K., Patra, G. K..  2015.  Comparison of AHP based and Fuzzy based mechanisms for ranking Cloud Computing services. 2015 International Conference on Computer, Control, Informatics and its Applications (IC3INA). :175–180.

Cloud Computing has emerged as a paradigm to deliver on demand resources to facilitate the customers with access to their infrastructure and applications as per their requirements on a subscription basis. An exponential increase in the number of cloud services in the past few years provides more options for customers to choose from. To assist customers in selecting a most trustworthy cloud provider, a unified trust evaluation framework is needed. Trust helps in the estimation of competency of a resource provider in completing a task thus enabling users to select the best resources in the heterogeneous cloud infrastructure. Trust estimates obtained using the AHP process exhibit a deviation for parameters that are not in direct proportion to the contributing attributes. Such deviation can be removed using the Fuzzy AHP model. In this paper, a Fuzzy AHP based hierarchical trust model has been proposed to rate the service providers and their various plans for infrastructure as a service.

2015-05-06
Farzan, F., Jafari, M.A., Wei, D., Lu, Y..  2014.  Cyber-related risk assessment and critical asset identification in power grids. Innovative Smart Grid Technologies Conference (ISGT), 2014 IEEE PES. :1-5.

This paper proposes a methodology to assess cyber-related risks and to identify critical assets both at power grid and substation levels. The methodology is based on a two-pass engine model. The first pass engine is developed to identify the most critical substation(s) in a power grid. A mixture of Analytical hierarchy process (AHP) and (N-1) contingent analysis is used to calculate risks. The second pass engine is developed to identify risky assets within a substation and improve the vulnerability of a substation against the intrusion and malicious acts of cyber hackers. The risk methodology uniquely combines asset reliability, vulnerability and costs of attack into a risk index. A methodology is also presented to improve the overall security of a substation by optimally placing security agent(s) on the automation system.
 

Saini, V.K., Kumar, V..  2014.  AHP, fuzzy sets and TOPSIS based reliable route selection for MANET. Computing for Sustainable Global Development (INDIACom), 2014 International Conference on. :24-29.

Route selection is a very sensitive activity for mobile ad-hoc network (MANET) and ranking of multiple routes from source node to destination node can result in effective route selection and can provide many other benefits for better performance and security of MANET. This paper proposes an evaluation model based on analytical hierarchy process (AHP), fuzzy sets and technique for order performance by similarity to ideal solution (TOPSIS) to provide a useful solution for ranking of routes. The proposed model utilizes AHP to acquire criteria weights, fuzzy sets to describe vagueness with linguistic values and triangular fuzzy numbers, and TOPSIS to obtain the final ranking of routes. Final ranking of routes facilitates selection of best and most reliable route and provide alternative options for making a robust Mobile Ad-hoc network.

Hui Xia, Zhiping Jia, Sha, E.H.-M..  2014.  Research of trust model based on fuzzy theory in mobile ad hoc networks. Information Security, IET. 8:88-103.

The performance of ad hoc networks depends on the cooperative and trust nature of the distributed nodes. To enhance security in ad hoc networks, it is important to evaluate the trustworthiness of other nodes without central authorities. An information-theoretic framework is presented, to quantitatively measure trust and build a novel trust model (FAPtrust) with multiple trust decision factors. These decision factors are incorporated to reflect trust relationship's complexity and uncertainty in various angles. The weight of these factors is set up using fuzzy analytic hierarchy process theory based on entropy weight method, which makes the model has a better rationality. Moreover, the fuzzy logic rules prediction mechanism is adopted to update a node's trust for future decision-making. As an application of this model, a novel reactive trust-based multicast routing protocol is proposed. This new trusted protocol provides a flexible and feasible approach in routing decision-making, taking into account both the trust constraint and the malicious node detection in multi-agent systems. Comprehensive experiments have been conducted to evaluate the efficiency of trust model and multicast trust enhancement in the improvement of network interaction quality, trust dynamic adaptability, malicious node identification, attack resistance and enhancements of system's security.

2015-05-05
Sunny, S., Pavithran, V., Achuthan, K..  2014.  Synthesizing perception based on analysis of cyber attack environments. Advances in Computing, Communications and Informatics (ICACCI, 2014 International Conference on. :2027-2030.

Analysing cyber attack environments yield tremendous insight into adversory behavior, their strategy and capabilities. Designing cyber intensive games that promote offensive and defensive activities to capture or protect assets assist in the understanding of cyber situational awareness. There exists tangible metrics to characterizing games such as CTFs to resolve the intensity and aggression of a cyber attack. This paper synthesizes the characteristics of InCTF (India CTF) and provides an understanding of the types of vulnerabilities that have the potential to cause significant damage by trained hackers. The two metrics i.e. toxicity and effectiveness and its relation to the final performance of each team is detailed in this context.