| 基于熵权的Web应用安全模糊综合评估模型 |
| |
| 引用本文: | 顾韵华,李丹.基于熵权的Web应用安全模糊综合评估模型[J].南京信息工程大学学报,2009,1(1):71-75. |
| |
| 作者姓名: | 顾韵华 李丹 |
| |
| 作者单位: | 南京信息工程大学计算机与软件学院,南京,210044 |
| |
| 基金项目: | 国家自然科学基金资助项目 |
| |
| 摘 要: | 针对Web应用安全评估问题,提出一种基于熵权和模糊综合评价方法的Web应用安全评估模型.该模型将熵权与模糊理论相结合,利用熵权系数法确定Web应用安全评价因素集中的权重向量,采用最大隶属度原则确定安全漏洞风险等级.实例分析结果表明该方法简单、实用,能有效进行Web应用安全漏洞风险等级的评估.
|
| 关 键 词: | Web应用安全 熵权 评估 |
| 收稿时间: | 2009/4/25 0:00:00 |
Fuzzy comprehensive evaluation model for Web application security based on entropy weight |
| |
| GU Yunhua,LI Dan.Fuzzy comprehensive evaluation model for Web application security based on entropy weight[J].Journal of Nanjing University of Information Science & Technology,2009,1(1):71-75. |
| |
| Authors: | GU Yunhua LI Dan |
| |
| Affiliation: | ( School of Computer and Software, Nanjing University of Information Science and Technology, Nanjing 210044) |
| |
| Abstract: | Aimed at evaluating Web application security, a fuzzy comprehensive evaluation model based on entropy weight is proposed. The model combines entropy weight with fuzzy theory. The weight in the model is determined by using the entropy weight coefficient method, and the principle of maximum degree of membership is used to determine the risk level of vulnerabilities. The results of the example analysis indicate that the method is simple and practical, and the model presented may realize an effective risk assessment of security loopholes present in Web application. |
| |
| Keywords: | Web application security entropy weight evaluation |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《南京信息工程大学学报》浏览原始摘要信息 |
|
点击此处可从《南京信息工程大学学报》下载全文 |
